16 matches found
CLSA-2025-1762363302 frr: Fix of 4 CVEs
CVE-2022-36440: fix heap-buffer-overflow in peekforas4capability when reading BGP OPEN extended optional parameters - CVE-2023-31490: fix insufficient stream data validation in BGP prefix SID attributes processing - CVE-2023-38407: fix out-of-bounds read in BGP labeled unicast parsing -...
frr: Out of bounds read in bgpd/bgp_label.c
An out-of-bounds read flaw was found in FRRouting, which attempts to read beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service...
frr: Out of bounds read in bgpd/bgp_label.c
An out-of-bounds read flaw was found in FRRouting, which attempts to read beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service...
RHEL 8 : frr (RHSA-2024:1113)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1113 advisory. FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR,...
Oracle Linux 9 : frr (ELSA-2024-0477)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0477 advisory. 8.3.1-11.2 - Add patches for CVE-2023-47235, CVE-2023-47234, CVE-2023-38406, CVE-2023-38407 Tenable has extracted the preceding description block...
frr: Out of bounds read in bgpd/bgp_label.c
An out-of-bounds read flaw was found in FRRouting, which attempts to read beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service...
frr: Out of bounds read in bgpd/bgp_label.c
An out-of-bounds read flaw was found in FRRouting, which attempts to read beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service...
CVE-2023-38407
An out-of-bounds read flaw was found in FRRouting, which attempts to read beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service. Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat...
SUSE CVE-2023-38407
bgpd/bgp_label.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...
DEBIAN-CVE-2023-38407
bgpd/bgp_label.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...
CVE-2023-38407
bgpd/bgp_label.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...
UBUNTU-CVE-2023-38407
bgpd/bgp_label.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...
CVE-2023-38407
bgpd/bgp_label.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...
CVE-2023-38407
bgpd/bgp_label.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...
CVE-2023-38407
bgpd/bgp_label.c in FRRouting FRR before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing...
PT-2023-9206 · Frrouting +9
Name of the Vulnerable Software and Affected Versions: FRRouting versions prior to 8.5. Description: The issue is related to the bgpd/bgp_label.c file in FRRouting, which attempts to read beyond the end of the stream during labeled unicast parsing. This can be exploited by a remote attacker to cau...